Skip to main content

The perma CLI

perma is the command-line control surface for your gateway. Everything the console does, perma can do over the gateway's REST v1 API: manage agents, grants, secrets and policy, read the audit log, and configure connections (including SSH).

It never handles a raw secret in a way an agent could see: values are read from a file, an environment variable, or stdin, and are sealed by the gateway.

Getting perma

perma is built from the same repository as the gateway. If you installed the gateway toolchain it is on your PATH as perma; otherwise build it from source:

cargo build --release -p permaura-cli # produces target/release/perma

Pointing it at a gateway

Two global flags apply to every command:

FlagEnvDefault
--urlPERMAURA_URLhttp://127.0.0.1:8787
--tokenPERMAURA_TOKENthe seeded demo token

On a fresh demo gateway the default token works out of the box. On your gateway, pass your operator token with --token (or set PERMAURA_TOKEN).

perma --url http://127.0.0.1:8787 --token "$PERMAURA_TOKEN" status

A quick tour

perma status # gateway health + counts
perma connection list # configured connections
perma audit --limit 20 # the signed audit log
perma pending # calls awaiting your approval

See the command reference for everything, or jump straight to connecting via SSH.